2 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
new file mode 100644
index 0000000000..b0ff1a0885
--- /dev/null
+++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
@@ -0,0 +1,32 @@
+From 5adbc377cd90aa40f0cd56ae325ca70065a8aa19 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 13 Jan 2022 16:45:59 +0800
+Subject: [PATCH] flac: Fix improper buffer reusing
+CVE: CVE-2021-4156.patch
+Upstream-Status: Backport [https://github.com/libsndfile/libsndfile/issues/731]
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ src/flac.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+diff --git a/src/flac.c b/src/flac.c
+index 0be82ac..6548bba 100644
+--- a/src/flac.c
+++ b/src/flac.c
+@@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len)
+        /* Decode some more. */
+        while (pflac->pos < pflac->len)
+        {       if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
+               {       psf_log_printf (psf, "FLAC__stream_decoder_process_single returned false\n") ;
+                       /* Current frame is busted, so NULL the pointer. */
+                       pflac->frame = NULL ;
+                        break ;
+                }
+                state = FLAC__stream_decoder_get_state (pflac->fsd) ;
+                if (state >= FLAC__STREAM_DECODER_END_OF_STREAM)
+                {       psf_log_printf (psf, "FLAC__stream_decoder_get_state returned %s\n", FLAC__StreamDecoderStateString [state]) ;
+-- 
+2.17.1
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
index 044881a859..8eb007884e 100644
--- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
+++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
@@ -20,6 +20,7 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \
           file://CVE-2017-12562.patch \
           file://CVE-2018-19758.patch \
           file://CVE-2019-3832.patch \
+           file://CVE-2021-4156.patch \
          "
 SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"

diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch new file mode 100644 index 0000000000..b0ff1a0885 --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
@@ -0,0 +1,32 @@
		1	From 5adbc377cd90aa40f0cd56ae325ca70065a8aa19 Mon Sep 17 00:00:00 2001
		2	From: Changqing Li <changqing.li@windriver.com>
		3	Date: Thu, 13 Jan 2022 16:45:59 +0800
		4	Subject: [PATCH] flac: Fix improper buffer reusing
		5
		6	CVE: CVE-2021-4156.patch
		7	Upstream-Status: Backport [https://github.com/libsndfile/libsndfile/issues/731]
		8
		9	Signed-off-by: Changqing Li <changqing.li@windriver.com>
		10	---
		11	src/flac.c \| 4 ++++
		12	1 file changed, 4 insertions(+)
		13
		14	diff --git a/src/flac.c b/src/flac.c
		15	index 0be82ac..6548bba 100644
		16	--- a/src/flac.c
		17	+++ b/src/flac.c
		18	@@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len)
		19	/* Decode some more. */
		20	while (pflac->pos < pflac->len)
		21	{ if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
		22	+ { psf_log_printf (psf, "FLAC__stream_decoder_process_single returned false\n") ;
		23	+ /* Current frame is busted, so NULL the pointer. */
		24	+ pflac->frame = NULL ;
		25	break ;
		26	+ }
		27	state = FLAC__stream_decoder_get_state (pflac->fsd) ;
		28	if (state >= FLAC__STREAM_DECODER_END_OF_STREAM)
		29	{ psf_log_printf (psf, "FLAC__stream_decoder_get_state returned %s\n", FLAC__StreamDecoderStateString [state]) ;
		30	--
		31	2.17.1
		32


diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb index 044881a859..8eb007884e 100644 --- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb +++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
@@ -20,6 +20,7 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \
20	file://CVE-2017-12562.patch \	20	file://CVE-2017-12562.patch \
21	file://CVE-2018-19758.patch \	21	file://CVE-2018-19758.patch \
22	file://CVE-2019-3832.patch \	22	file://CVE-2019-3832.patch \
		23	file://CVE-2021-4156.patch \
23	"	24	"
24		25
25	SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"	26	SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"